mitre/sandcat external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

mitre/sandcat

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/mitre/sandcat)

Close

mitre / sandcatView on GitHubMore

• External links
• Readme badge

A CALDERA plugin

☆75Mar 17, 2026Updated last week

Alternatives and similar repositories for sandcat

Users that are interested in sandcat are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• mitre / gocat

  View on GitHub
  Simplified go-cat agent for caldera
  ☆11Dec 18, 2023Updated 2 years ago
• mitre / stockpile

  View on GitHub
  A CALDERA plugin
  ☆81Updated this week
• mitre / adversary

  View on GitHub
  A CALDERA plugin
  ☆18Jul 28, 2020Updated 5 years ago
• mitre / caltack

  View on GitHub
  Plugin that serves the ATT&CK website alongside CALDERA.
  ☆13Feb 24, 2020Updated 6 years ago
• xenoscr / atomiccaldera

  View on GitHub
  A MITRE Caldera plugin written in Python 3 used to convert Red Canary Atomic Red Team Tests to MITRE Caldera Stockpile YAML ability files…
  ☆73Oct 14, 2021Updated 4 years ago
• mitre / training

  View on GitHub
  A CALDERA plugin
  ☆27Updated this week
• mitre / access

  View on GitHub
  A CALDERA plugin
  ☆26Updated this week
• mitre / response

  View on GitHub
  A CALDERA plugin for autonomous incident response
  ☆27Updated this week
• mitre / caldera-agent

  View on GitHub
  ☆20Dec 19, 2017Updated 8 years ago
• VVX7 / nicodemus

  View on GitHub
  A cross-platform Nim implant for Prelude Operator
  ☆31Jan 2, 2022Updated 4 years ago
• preludeorg / libraries

  View on GitHub
  Prelude client side libraries
  ☆17Updated this week
• NotMedic / SocksLauncher

  View on GitHub
  ☆14Oct 25, 2019Updated 6 years ago
• rbmm / SDD2

  View on GitHub
  Self delete DLL (2)
  ☆14Feb 15, 2024Updated 2 years ago
• rvrsh3ll / SharpExcel4-DCOM

  View on GitHub
  Port of Invoke-Excel4DCOM
  ☆104Oct 12, 2019Updated 6 years ago
• Octoberfest7 / Proxy_Egress_Persistence

  View on GitHub
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆34Sep 15, 2022Updated 3 years ago
• JumpsecLabs / CloudflareRedirector

  View on GitHub
  Putting the C2 in C2loudflare
  ☆18Jun 28, 2024Updated last year
• yeti-platform / pyeti

  View on GitHub
  Python bindings for Yeti's API
  ☆19Sep 12, 2023Updated 2 years ago
• NextronSystems / thor-manual

  View on GitHub
  THOR APT Scanner User Manual
  ☆20Mar 9, 2026Updated 2 weeks ago
• mitre / emu

  View on GitHub
  This CALDERA Plugin converts Adversary Emulation Plans from the Center for Threat Informed Defense
  ☆34Updated this week
• mitre / atomic

  View on GitHub
  A MITRE Caldera plugin
  ☆49Updated this week
• OTRF / sigma

  View on GitHub
  Generic Signature Format for SIEM Systems
  ☆14Oct 27, 2021Updated 4 years ago
• jfmaes / Ansible-EmpireSuite

  View on GitHub
  ansible roles to download and install empire (BC-Security),deathstar(byt3bl33der) and starkiller (BC-Security)
  ☆24May 8, 2022Updated 3 years ago
• vysecurity / ATT-CK_Analysis

  View on GitHub
  Repository for my ATT&CK analysis research.
  ☆70May 16, 2019Updated 6 years ago
• armageddon808 / electron-updater-digitalocean-example

  View on GitHub
  electron-updater DigitalOcean example (DigitalOcean Spaces)
  ☆10Jan 6, 2023Updated 3 years ago
• hasherezade / libpeconv_and_detours_tpl

  View on GitHub
  A template for projects using both libPeConv and MS Detours
  ☆16Oct 5, 2025Updated 5 months ago
• djhohnstein / HookDetector

  View on GitHub
  Playing with PE's and Building Structures by Hand
  ☆22Apr 21, 2022Updated 3 years ago
• checkymander / CoreSploit

  View on GitHub
  Initial Commit of Coresploit
  ☆57Oct 12, 2021Updated 4 years ago
• TheWover / AssemblyLoader

  View on GitHub
  Loads .NET Assembly Via CLR Loader
  ☆17Mar 6, 2019Updated 7 years ago
• threatexpress / edc

  View on GitHub
  Event Data Collector
  ☆39Jan 12, 2026Updated 2 months ago
• DEFCONMeshNet / DEFCONMeshNet

  View on GitHub
  ☆10Jul 24, 2020Updated 5 years ago
• boku7 / xPipe

  View on GitHub
  Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions
  ☆95Mar 8, 2023Updated 3 years ago
• shantanu561993 / DLL-Sideload

  View on GitHub
  ☆43Jan 2, 2023Updated 3 years ago
• rvrsh3ll / CPLResourceRunner

  View on GitHub
  Run shellcode from resource
  ☆259Dec 13, 2020Updated 5 years ago
• Cipher7 / havoc-SauronEye

  View on GitHub
  ☆11Dec 8, 2023Updated 2 years ago
• DATCResearch / Sentinel-UseCase-BEC365-IR

  View on GitHub
  Sentinel BEC IR
  ☆14Aug 18, 2022Updated 3 years ago
• ZERODETECTION / Havoc_Demon_API_Hashing

  View on GitHub
  Rehashing APIs to prevent hash based detection
  ☆14Jan 7, 2025Updated last year
• FalconForceTeam / SysWhispers2BOF

  View on GitHub
  Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs
  ☆125May 24, 2022Updated 3 years ago
• mitre / human

  View on GitHub
  Caldera plugin to deploy "humans" to emulate user behavior on systems
  ☆31Apr 26, 2024Updated last year
• jheise / threatcmd

  View on GitHub
  Cli interface to threatcrowd.org
  ☆20Jul 6, 2017Updated 8 years ago